CVE-2025-12100: CWE-276 Incorrect Default Permissions in MongoDB BI Connector ODBC driver
Incorrect Default Permissions vulnerability in MongoDB BI Connector ODBC driver allows Privilege Escalation. This issue affects BI Connector ODBC driver: from 1.0.0 through 1.4.6.
AI Analysis
Technical Summary
CVE-2025-12100 is a vulnerability classified under CWE-276 (Incorrect Default Permissions) affecting the MongoDB BI Connector ODBC driver versions 1.0.0 through 1.4.6. The issue arises because the driver sets insecure default permissions on critical files or resources, allowing users with limited privileges to escalate their access rights. This privilege escalation can enable attackers to gain unauthorized access to sensitive data or perform unauthorized actions within the system. The vulnerability has a CVSS 4.0 base score of 8.8, indicating high severity, with attack vector local (AV:L), low attack complexity (AC:L), and requiring privileges (PR:L) but no user interaction (UI:N). The impact metrics indicate high confidentiality, integrity, and availability impacts, with scope and security requirements also high. While no public exploits are known, the ease of exploitation combined with the high impact makes this a critical issue for affected environments. The MongoDB BI Connector ODBC driver is used to connect MongoDB data sources to business intelligence tools via ODBC, making it a key component in data analytics pipelines. Incorrect default permissions could allow a malicious local user or compromised process to escalate privileges and access or manipulate sensitive business intelligence data or underlying database connections.
Potential Impact
The vulnerability allows privilege escalation on systems running the affected MongoDB BI Connector ODBC driver versions 1.0.0 through 1.4.6. This can lead to unauthorized access to sensitive data, manipulation of business intelligence queries, or disruption of analytics workflows. Organizations relying on this driver for data integration and reporting may face data breaches, data integrity issues, and potential downtime. Since the attack vector is local, environments where multiple users share access or where untrusted users have local access are at higher risk. The compromise of BI Connector privileges could also serve as a pivot point for further attacks within the network, especially in enterprise environments with interconnected data systems. The high confidentiality, integrity, and availability impacts mean that sensitive business data could be exposed or corrupted, and analytics services could be disrupted, affecting decision-making processes. The lack of known exploits in the wild suggests the vulnerability is not yet actively exploited, but the high severity score indicates it should be addressed promptly to prevent future attacks.
Mitigation Recommendations
1. Upgrade the MongoDB BI Connector ODBC driver to a version later than 1.4.6 once a patched release is available from MongoDB.
2. Until a patch is released, restrict local access to systems running the affected driver to trusted administrators only.
3. Audit and harden file system permissions related to the BI Connector ODBC driver installation directories and configuration files to ensure they are not writable or accessible by unprivileged users.
4. Implement strict access controls and monitoring on systems hosting the BI Connector to detect any unauthorized privilege escalation attempts.
5. Use endpoint protection solutions capable of detecting suspicious local privilege escalation behaviors.
6. Review and minimize the number of users with local access to critical analytics infrastructure.
7. Employ network segmentation to isolate BI Connector hosts from less trusted network zones.
8. Monitor logs for unusual activity related to the BI Connector driver or associated processes.
These steps go beyond generic advice by focusing on access restriction, permission auditing, and monitoring specific to the BI Connector environment.
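One way to carry out the permission audit in step 3, as an added example that is not MongoDB's or this page's own code: it walks a driver directory and reports every entry that a non-administrative account could modify, then checks the parent directories, since a writable parent lets the whole tree be replaced. It assumes a POSIX host (mode bits rather than Windows ACLs) and takes the install path as an argument because the page does not state one; the function names are illustrative.

```python
import os
import stat
import sys

def classify(st, trusted_uids, ancestor=False):
    """Return why an untrusted local user could modify this entry, else None."""
    mode = st.st_mode
    if stat.S_ISLNK(mode):
        return None  # a symlink's own mode bits are not enforced
    # A sticky parent (like /tmp) stops users replacing entries they do not own.
    sticky = ancestor and stat.S_ISDIR(mode) and bool(mode & stat.S_ISVTX)
    if mode & stat.S_IWOTH and not sticky:
        return "world-writable"
    if mode & stat.S_IWGRP and not sticky:
        return f"writable by gid {st.st_gid}"
    if st.st_uid not in trusted_uids:
        return f"owned by uid {st.st_uid}"
    return None

def audit_tree(root, trusted_uids=frozenset({0})):
    """List (path, reason) for root and everything under it."""
    root = os.path.abspath(root)
    paths = [root]
    for dirpath, dirnames, filenames in os.walk(root):
        paths += [os.path.join(dirpath, n) for n in dirnames + filenames]
    checked = ((p, classify(os.lstat(p), trusted_uids)) for p in paths)
    return [(p, why) for p, why in checked if why]

def audit_ancestors(root, trusted_uids=frozenset({0})):
    """Check each parent directory: a writable parent lets the tree be swapped."""
    findings = []
    parent = os.path.dirname(os.path.abspath(root))
    while True:
        why = classify(os.lstat(parent), trusted_uids, ancestor=True)
        if why:
            findings.append((parent, why))
        if parent == os.path.dirname(parent):
            return findings
        parent = os.path.dirname(parent)

if __name__ == "__main__":
    # Assumption: the page gives no install path, so pass the driver directory as argv[1].
    target = sys.argv[1] if len(sys.argv) > 1 else "."
    for path, why in audit_ancestors(target) + audit_tree(target):
        print(f"{why}: {path}")
```

Group-writable entries are reported for review rather than treated as automatically wrong, since the owning group may be an administrators-only group.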
Affected Countries
United States, Canada, United Kingdom, Germany, France, Australia, Japan, South Korea, India, Brazil, Netherlands, Singapore
Technical Details
- Data Version: 5.1
- Assigner Short Name: mongodb
- Date Reserved: 2025-10-23T00:22:17.477Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 68fa99bbff7543f249e1540f
Added to database: 10/23/2025, 9:10:19 PM
Last enriched: 2/27/2026, 4:39:20 AM
Last updated: 3/23/2026, 7:53:12 AM